Duo Tech Talks: Dissecting the Android Bouncer
Attention, engineers and techies in the Ann Arbor and Southeast Michigan!
What's a Duo Tech Talk?
Hosted monthly at Duo Security's Ann Arbor office, Duo Tech Talks will cover a variety of topics of strong interest to the local technology community. Speakers will be enlisted both from the local community and subject matter experts from across the country.
Topics will range across the spectrum of computer science and technology, including software engineering, hardware hacking, user experience design, cloud computing, programming languages, computer security, and more!
Dissecting the Android Bouncer
If you missed the first Duo Tech Talk, hosted Friday at Duo Security’s headquarters, we have a recording available for your viewing pleasure!
Google's Android Bouncer was intended to shore up weaknesses of the Android Market by testing applications within a dynamic analysis environment to determine application security. In this talk, Jon Oberheide of Duo Security and his colleague Charlie Miller discussed their methods of bypassing Bouncer with a series of experiments, some of which included:
By analyzing Bouncer’s system to find out if network access was open, filtered, emulated or unrestricted, they found they could upload apps without paying, as well as get them analyzed by Bouncer without publishing.
They found that when testing an app, it was run in an QEMU emulator in the underlying system with an Android framework.
After more testing, they also found that Google attached their Bouncer app to a Google account with made-up names and emails - they were able to check the SD card to find several image files.
If they ran open system calls on any of the files, they found that Bouncer would flag their app and shut off the execution. They were flagged when they tried a number of other experiments, including escalating privileges and attempting to root the device.
Find out more about the Android Bouncer experiments and what they learned by watching the full Duo Tech Talk (above).
And, if you’re in the Ann Arbor area, you’re invited to the next Duo Tech Talk on car hacking, this Friday:
What: Duo Tech Talks: Adventures in Automotive Networks and Control Units
Who: Chris Valasek, Director of Security Intelligence at IOActive
When: Friday, January 17, 2014 @6pm
Where: Duo Office, 617 Detroit St, Ann Arbor MI (map)
Find out more about the upcoming talk in Duo Tech Talks: Adventures in Automotive Networks and Control Units.